Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Don't know what's causing this but i need help


  • Please log in to reply
8 replies to this topic

#1 peetee15

peetee15

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 15 September 2009 - 10:19 PM

Here are the basics of what is going on. First, it started when i was redirected to virus sites when i would type something and search in google. in addition, i would have random audio ads that would start up, but there was no way to close them (at this point, that hasn't happened in a few days). then, my computer restarted and when it came back up, my background would come up, but none of my desktop icons, start menu, nothing else would come up. i'm still actually having to just press ctrl alt delete and run everything through taskmanager. also, when i try to run malwarebytes or just about any other program, it may run for a few seconds or minutes, but it always shuts down whatever program i'm trying to run and then it locks me out of it by saying "windows cannot access the specified device, path, or file. you may not have appropriate permissions to access the item" whenever i try to run the program again after it has been shutdown. and yes, i've already tried renaming the programs to get them to run but it still shuts those down as well.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:24 AM

Posted 18 September 2009 - 09:57 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:24 AM

Posted 19 September 2009 - 08:29 PM

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Direct Download (Recommended)
  • Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)

  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Riight-click on rootrepeal.exe and rename it to tatertot.scr
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.
----------------------------------

Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to High

Edited by garmanma, 19 September 2009 - 08:30 PM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#4 peetee15

peetee15
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 20 September 2009 - 03:50 PM

i get something that says error decompression 5 when trying to run it

#5 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:24 AM

Posted 20 September 2009 - 06:25 PM

Did you rename it?
Click Settings - Options. Set the Disk Access slider to High?

Rescan and select only Drivers to scan
-----------------------------------------------

If no luck try this scan, rename it also


1. Download Win32kDiag from any of the following locations and save it to your Desktop

http://ad13.geekstogo.com/Win32kDiag.exe

http://download.bleepingcomputer.com/rootr.../Win32kDiag.exe

2. Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
3. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
4. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#6 peetee15

peetee15
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 23 September 2009 - 08:10 PM

it froze in the middle but heres what it got

Found mount point : C:\WINNT\ime\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\ime\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\ime\shared\res\res

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Installer\$PatchCache$\Managed\50512592984F2284DAAF236CED4E1F41\8.0.6\8.0.6

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Installer\$PatchCache$\Managed\52CB9D6ECBD08634E8A4D7EE0866C19D\8.0.148\8.0.148

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Installer\$PatchCache$\Managed\AC1F0757D610CA645B68DC4746E5BF25\8.0.211\8.0.211

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Installer\$PatchCache$\Managed\FC62732BFB866A144ABE271FF278EF50\8.0.63\8.0.63

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINNT\Minidump\Mini062209-01.dmp

[1] 2009-06-22 18:07:39 90112 C:\WINNT\Minidump\Mini062209-01.dmp ()



Cannot access: C:\WINNT\Minidump\Mini062509-01.dmp

[1] 2009-06-25 20:32:07 90112 C:\WINNT\Minidump\Mini062509-01.dmp ()



Cannot access: C:\WINNT\Minidump\Mini062609-01.dmp

[1] 2009-06-26 19:37:35 90112 C:\WINNT\Minidump\Mini062609-01.dmp ()



Cannot access: C:\WINNT\Minidump\Mini091009-01.dmp

[1] 2009-09-10 15:48:41 90112 C:\WINNT\Minidump\Mini091009-01.dmp ()



Cannot access: C:\WINNT\Minidump\Mini091409-01.dmp

[1] 2009-09-14 17:02:44 90112 C:\WINNT\Minidump\Mini091409-01.dmp ()



Found mount point : C:\WINNT\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINNT\pchealth\helpctr\binaries\helpsvc.exe

[1] 2008-04-13 19:12:21 744448 C:\WINNT\pchealth\helpctr\binaries\helpsvc.exe ()

[1] 2008-04-13 19:12:21 744448 C:\WINNT\ServicePackFiles\i386\helpsvc.exe (Microsoft Corporation)



Found mount point : C:\WINNT\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\helpctr\System_OEM\System_OEM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\PIF\PIF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINNT\repair\default



ERROR OCCURRED!

------------------------------

Windows Version: Windows XP SP3

Exception Code: 0xc0000005

Exception Address: 0x00402415

Attempt to write to address: 0x00000000

#7 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:24 AM

Posted 24 September 2009 - 05:39 PM

Let's try this scan


We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#8 peetee15

peetee15
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 24 September 2009 - 09:51 PM

here goes


OTL logfile created on: 9/24/2009 9:48:51 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = D:\Documents and Settings\Ian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 234.87 Mb Available Physical Memory | 45.96% Memory free
1.22 Gb Paging File | 0.66 Gb Available in Paging File | 54.16% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 36.51 Gb Total Space | 20.03 Gb Free Space | 54.87% Space Free | Partition Type: NTFS
Drive D: | 37.25 Gb Total Space | 8.31 Gb Free Space | 22.30% Space Free | Partition Type: NTFS
Drive E: | 74.46 Gb Total Space | 46.27 Gb Free Space | 62.15% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 241.97 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 753.05 Mb Total Space | 746.69 Mb Free Space | 99.16% Space Free | Partition Type: NTFS

Computer Name: HOME
Current User Name: Ian
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINNT\System32\HPZipm12.exe
PRC - [2008/04/13 19:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\wscntfy.exe
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/04/15 18:37:11 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/09/24 21:37:30 | 00,514,560 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Ian\Desktop\OTL.exe
PRC - [2008/04/13 19:12:37 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\taskmgr.exe
PRC - [2008/04/13 19:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINNT\notepad.exe

========== Win32 Services (SafeList) ==========


========== Driver Services (SafeList) ==========


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://inside.msfc.nasa.gov
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\S-1-5-21-3945725102-565274025-4042124420-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/04/17 18:36:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/23 14:52:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/30 01:03:48 | 00,000,000 | ---D | M]

[2009/04/30 09:29:53 | 00,000,000 | ---D | M] -- D:\Documents and Settings\Ian\Application Data\mozilla\Firefox\Profiles\751mth4y.default\extensions
[2009/09/09 16:13:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/14 18:00:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/17 18:37:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/08/14 17:59:59 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/14 18:00:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2004/09/09 00:03:50 | 00,049,152 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/04/17 18:36:50 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/03/12 15:16:54 | 00,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll
[2009/05/20 01:49:50 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/14 18:00:15 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2003/07/14 22:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2005/09/23 21:44:16 | 00,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/04 19:33:34 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/04 19:33:34 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/04 19:33:34 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/04/17 16:53:29 | 03,771,296 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2009/04/23 19:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 19:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 19:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 19:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 19:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 19:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 19:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (306581 bytes) - C:\WINNT\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.62 prosecure.microsoft.com
O1 - Hosts: 209.44.111.62 antivir-prof.com
O1 - Hosts: 209.44.111.62 www.antivir-prof.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 10578 more lines...
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe File not found
O4 - HKLM..\Run: [BCMSMMSG] C:\WINNT\BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINNT\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINNT\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINNT\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TLogonPath] C:\Program Files\Timbuktu Pro\tb2logon.exe (Netopia, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] H:\New Folder (2)\Malwarebytes' Anti-Malware\mbamgui.exe File not found
O4 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013..\RunOnce: [FlashPlayerUpdate] C:\WINNT\System32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: nodrivetypeautorun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINNT\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINNT\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/shockwa...are/awswaxf.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1122054005666 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {AB6633A8-60A9-4F5D-B66C-ABE268CC3227} http://www.solidworks.com/sw/support/subsc...dimdownload.cab (SolidWorks Installation Manager Contol)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/downloads/activex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.1.30.43 69.1.30.42
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\winnt\system32\wuhomuro.dll) - C:\WINNT\System32\wuhomuro.dll File not found
O20 - AppInit_DLLs: (c:\winnt\system32\tovebogi.dll) - C:\WINNT\System32\tovebogi.dll File not found
O20 - AppInit_DLLs: (joretido.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe ()
O20 - HKLM Winlogon: Shell - (rundll32.exe) - File not found
O20 - HKLM Winlogon: Shell - (tftp.msc) - C:\WINNT\System32\tftp.msc ()
O20 - HKLM Winlogon: Shell - (beforegllav) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - H:\New Folder\SASWINLO.dll - H:\New Folder\SASWINLO.dll File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINNT\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINNT\system32\NavLogon.dll - C:\WINNT\System32\NavLogon.dll (Symantec Corporation)
O20 - Winlogon\Notify\Timbuktu Pro: DllName - C:\Program Files\Timbuktu Pro\Hook32.dll - C:\Program Files\Timbuktu Pro\Hook32.dll (Netopia, Inc.)
O21 - SSODL: nusizusot - {9c9ec39d-3ca4-4bfc-a25f-66b34a258a30} - CLSID or File not found.
O22 - SharedTaskScheduler: {9c9ec39d-3ca4-4bfc-a25f-66b34a258a30} - kupuhivus - Reg Error: Value error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - H:\New Folder\SASSEH.DLL File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2005/04/07 07:27:15 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/04 10:16:03 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3912b9fb-56e7-11de-aaee-000cf1836818}\Shell\autorun\command - "" = H:\CA_EdgeLitemobile.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINNT\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/24 21:37:27 | 00,514,560 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Ian\Desktop\OTL.exe
[2009/09/23 15:58:42 | 00,047,616 | ---- | C] () -- D:\Documents and Settings\Ian\Desktop\klj.exe
[2009/09/20 15:53:32 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Ian\Application Data\SUPERAntiSpyware.com
[2009/09/15 22:29:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/09/15 22:28:28 | 00,000,406 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/15 20:23:52 | 00,000,000 | ---D | C] -- C:\Program Files\aASAFSD
[2009/09/15 20:08:34 | 00,000,000 | -H-D | C] -- C:\WINNT\PIF
[2009/09/15 18:27:13 | 00,000,000 | ---D | C] -- C:\Program Files\12
[2009/09/14 17:46:49 | 00,000,000 | ---D | C] -- C:\Program Files\New Folder
[2009/09/14 16:52:53 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/09/13 14:47:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/09/13 14:47:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/09/12 16:35:41 | 00,001,210 | ---- | C] () -- D:\Documents and Settings\Ian\My Documents\safeboot.reg
[2009/09/12 13:25:15 | 00,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
[2009/09/12 13:22:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/12 13:11:07 | 00,000,000 | ---D | C] -- C:\Program Files\Yues
[2009/09/12 12:16:22 | 00,025,088 | ---- | C] () -- C:\WINNT\System32\tftp.msc
[2009/09/11 16:57:07 | 00,161,808 | ---- | C] () -- C:\WINNT\System32\counters
[2009/09/11 06:40:14 | 00,000,004 | ---- | C] () -- C:\WINNT\System32\bincd32.dat
[2009/09/10 19:59:12 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\pctgntdi.sys
[2009/09/10 19:59:01 | 00,206,256 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\PCTCore.sys
[2009/09/10 19:59:01 | 00,086,888 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\PCTAppEvent.sys
[2009/09/10 19:59:01 | 00,007,396 | ---- | C] () -- C:\WINNT\System32\drivers\pctcore.cat
[2009/09/10 19:58:53 | 00,001,537 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/09/10 19:58:48 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\pctplsg.sys
[2009/09/10 19:58:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/10 19:58:32 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Tools
[2009/09/10 19:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/09/10 19:58:29 | 00,000,632 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/09/10 19:58:27 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\STKIT432.DLL
[2009/09/10 19:58:17 | 00,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2009/09/10 19:57:55 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/10 19:50:43 | 00,008,547 | ---- | C] () -- C:\WINNT\System32\wispex.html
[2009/09/10 19:50:43 | 00,000,000 | ---D | C] -- C:\WINNT\System32\images
[2009/09/10 19:43:18 | 00,000,000 | ---D | C] -- C:\Program Files\Mallywdar
[2009/09/10 19:28:34 | 00,019,078 | ---- | C] () -- C:\WINNT\System32\zoha.db
[2009/09/10 19:28:34 | 00,017,023 | ---- | C] () -- C:\WINNT\qawexewe.bin
[2009/09/10 19:28:34 | 00,016,652 | ---- | C] () -- C:\WINNT\mycolawaky.lib
[2009/09/10 19:28:33 | 00,016,903 | ---- | C] () -- C:\WINNT\igysawyxev.exe
[2009/09/10 19:28:33 | 00,016,283 | ---- | C] () -- C:\WINNT\cimo._sy
[2009/09/10 19:28:33 | 00,015,933 | ---- | C] () -- C:\WINNT\System32\yzunipega.com
[2009/09/10 19:28:33 | 00,015,639 | ---- | C] () -- C:\WINNT\System32\buzulozoja.scr
[2009/09/10 19:28:33 | 00,012,959 | ---- | C] () -- C:\Program Files\Common Files\cugese.reg
[2009/09/10 19:28:33 | 00,012,081 | ---- | C] () -- C:\Program Files\Common Files\focavo.pif
[2009/09/10 19:28:33 | 00,011,594 | ---- | C] () -- C:\WINNT\ewicuqysyl.lib
[2009/09/10 19:28:33 | 00,010,931 | ---- | C] () -- C:\WINNT\System32\miwyca.exe
[2009/09/10 19:28:33 | 00,010,330 | ---- | C] () -- C:\WINNT\kexebipy.pif
[2009/09/10 18:51:05 | 00,001,382 | ---- | C] () -- C:\WINNT\System32\onhelp.htm
[2009/09/10 18:45:37 | 00,000,382 | ---- | C] () -- C:\Program Files\Shortcut to Program Files.lnk
[2009/09/10 18:31:26 | 00,000,058 | ---- | C] () -- C:\WINNT\ppp4.dat
[2009/09/10 18:31:26 | 00,000,003 | ---- | C] () -- C:\WINNT\ppp3.dat
[2009/09/10 18:31:24 | 00,000,036 | ---- | C] () -- C:\WINNT\System32\sysnet.dat
[2009/09/10 18:31:24 | 00,000,009 | ---- | C] () -- C:\WINNT\System32\bennuar.old
[2009/09/10 18:31:23 | 00,000,032 | ---- | C] () -- C:\WINNT\System32\sonhelp.htm
[2009/09/10 17:36:43 | 00,014,928 | ---- | C] () -- C:\WINNT\System32\oxyl.exe
[2009/09/10 17:36:43 | 00,013,908 | ---- | C] () -- C:\Program Files\Common Files\alyreqexad.exe
[2009/09/10 17:36:43 | 00,011,243 | ---- | C] () -- C:\Program Files\Common Files\yfivosuly._dl
[2009/09/10 17:36:43 | 00,011,212 | ---- | C] () -- C:\WINNT\amigeh.bat
[2009/09/10 17:36:42 | 00,019,497 | ---- | C] () -- C:\WINNT\gida.dat
[2009/09/10 17:36:41 | 00,015,985 | ---- | C] () -- C:\WINNT\zerazob.pif
[2009/09/10 17:36:41 | 00,014,416 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\ozudetel.dll
[2009/09/10 17:36:41 | 00,011,389 | ---- | C] () -- C:\WINNT\adygysyp.vbs
[2009/09/10 17:00:56 | 00,227,840 | ---- | C] (Legal Corporation) -- C:\WINNT\System32\_scui.cpl
[2009/09/09 21:22:50 | 00,000,000 | ---- | C] () -- C:\WINNT\System32\41.exe
[2009/09/09 21:15:32 | 00,025,088 | ---- | C] () -- C:\WINNT\System32\tapi.nfo
[2009/09/09 21:15:00 | 00,000,046 | ---- | C] () -- C:\p2hhr.bat
[2009/09/09 21:13:46 | 00,000,000 | ---- | C] () -- C:\WINNT\System32\drivers\e09b46c2.sys
[2009/09/09 21:12:55 | 00,000,000 | ---D | C] -- C:\spoolerlogs
[2009/09/09 21:12:30 | 00,017,920 | ---- | C] () -- C:\fjmpqp.exe
[2009/09/09 21:12:29 | 00,049,664 | ---- | C] () -- C:\scmhux.exe
[2009/09/09 21:12:27 | 00,022,016 | ---- | C] () -- C:\udtcnn.exe
[2009/09/09 21:12:26 | 00,009,728 | ---- | C] () -- C:\kqbvc.exe
[2009/09/09 21:12:14 | 00,047,104 | ---- | C] () -- C:\WINNT\System32\~.exe
[2009/09/09 21:01:59 | 00,070,656 | ---- | C] () -- C:\WINNT\System32\drivers\vsipfvornmxxxiqd.sys
[2009/09/09 21:01:52 | 00,000,198 | -H-- | C] () -- C:\WINNT\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/09/09 21:01:47 | 00,000,246 | -H-- | C] () -- C:\WINNT\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/09/05 21:03:01 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Ian\Application Data\Windows Desktop Search
[2009/09/05 21:01:42 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Ian\Application Data\IM
[2009/08/30 01:11:02 | 00,001,976 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\DWGeditor.lnk
[2009/08/30 01:07:52 | 00,000,000 | ---- | C] () -- C:\WINNT\eDrawingOfficeAutomator.INI
[2009/08/30 01:06:08 | 00,001,730 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2009.lnk
[2009/08/30 00:46:07 | 00,000,023 | -H-- | C] () -- C:\WINNT\yacht.xws
[2009/08/30 00:37:22 | 00,002,249 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks 2009 SP3.0.lnk
[2009/08/30 00:12:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Shared
[2009/08/30 00:10:01 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009/08/30 00:09:53 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\SolidWorks
[2009/08/30 00:09:53 | 00,000,000 | ---D | C] -- C:\Program Files\SolidWorks Corp
[2009/08/30 00:04:08 | 00,001,647 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
[2009/08/30 00:03:36 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/08/30 00:01:34 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/08/29 23:59:15 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2009/08/29 23:59:14 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/08/29 23:02:22 | 00,000,000 | ---D | C] -- C:\SolidWorks Data
[2009/08/29 22:59:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Installation Manager
[2009/08/29 22:59:03 | 00,000,000 | ---D | C] -- C:\WINNT\SolidWorks
[2009/08/11 21:44:39 | 00,000,000 | ---- | C] () -- C:\WINNT\RingtoneMaker.INI
[2009/08/11 21:19:39 | 00,002,770 | ---- | C] () -- C:\WINNT\mgxoschk.ini
[2009/07/30 00:19:56 | 00,000,069 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2009/07/23 15:09:43 | 00,000,039 | ---- | C] () -- C:\WINNT\Irremote.ini
[2009/06/15 18:45:57 | 00,037,888 | -HS- | C] () -- C:\WINNT\System32\vovugesi.dll
[2009/06/14 16:11:38 | 00,050,176 | -HS- | C] () -- C:\WINNT\System32\wiziwera.dll
[2009/06/14 16:10:34 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\pupamawe.dll
[2009/06/14 16:10:32 | 00,050,176 | -HS- | C] () -- C:\WINNT\System32\jazijase.dll
[2009/06/13 19:08:36 | 00,038,400 | -HS- | C] () -- C:\WINNT\System32\zidoyowi.dll
[2009/06/12 12:14:16 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\pojezija.dll
[2009/06/11 17:41:39 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\merunime.dll
[2009/06/10 15:52:03 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\risowupa.dll
[2009/06/10 15:52:01 | 00,050,176 | -HS- | C] () -- C:\WINNT\System32\lawalasi.dll
[2009/06/09 21:21:29 | 00,037,888 | -HS- | C] () -- C:\WINNT\System32\gijotoda.dll
[2009/06/02 20:36:29 | 00,027,648 | ---- | C] () -- C:\WINNT\System32\AVSredirect.dll
[2009/05/18 22:17:33 | 00,061,440 | ---- | C] () -- C:\WINNT\System32\drivers\zwndsrw.sys
[2009/05/18 21:12:02 | 00,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
[2009/04/16 08:03:17 | 00,077,824 | R--- | C] () -- C:\WINNT\System32\HPZIDS01.dll
[2009/04/14 19:05:25 | 00,000,523 | ---- | C] () -- C:\WINNT\ATICIM.INI
[2008/05/16 14:01:00 | 01,703,936 | ---- | C] () -- C:\WINNT\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 01,486,848 | ---- | C] () -- C:\WINNT\System32\nview.dll
[2008/05/16 14:01:00 | 01,019,904 | ---- | C] () -- C:\WINNT\System32\nvwimg.dll
[2008/05/16 14:01:00 | 00,466,944 | ---- | C] () -- C:\WINNT\System32\nvshell.dll
[2008/05/16 14:01:00 | 00,286,720 | ---- | C] () -- C:\WINNT\System32\nvnt4cpl.dll
[2007/01/03 11:24:36 | 00,020,698 | ---- | C] () -- C:\WINNT\System32\idxcntrs.ini
[2007/01/03 11:22:46 | 00,030,628 | ---- | C] () -- C:\WINNT\System32\gsrvctr.ini
[2007/01/03 11:22:14 | 00,031,698 | ---- | C] () -- C:\WINNT\System32\gthrctr.ini
[2006/04/06 11:15:43 | 00,000,064 | ---- | C] () -- C:\WINNT\msfcinfo.ini
[2005/08/18 07:56:27 | 00,001,368 | ---- | C] () -- C:\WINNT\System32\oeminfo.ini
[2005/05/20 13:30:28 | 00,000,061 | ---- | C] () -- C:\WINNT\smscfg.ini
[2005/04/08 10:20:57 | 00,065,536 | ---- | C] ( ) -- C:\WINNT\System32\A3d.dll
[2005/04/07 13:13:20 | 00,000,000 | ---- | C] () -- C:\WINNT\VPC32.INI
[2005/04/07 10:45:32 | 00,000,370 | ---- | C] () -- C:\WINNT\ODBC.INI
[2005/04/07 07:41:28 | 00,139,264 | ---- | C] () -- C:\WINNT\System32\e1000msg.dll
[2004/08/04 01:56:44 | 00,061,952 | ---- | C] () -- C:\WINNT\System32\eventlog.dll
[2003/07/08 13:41:48 | 00,047,616 | ---- | C] () -- C:\WINNT\System32\P16X.dll
[2003/07/02 13:54:08 | 00,010,752 | ---- | C] () -- C:\WINNT\System32\xsavesig.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI
[2001/08/23 07:00:00 | 00,000,857 | ---- | C] () -- C:\WINNT\win.ini
[2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINNT\system.ini
[2001/07/07 03:00:00 | 00,003,399 | ---- | C] () -- C:\WINNT\System32\hptcpmon.ini
[1997/05/12 02:10:00 | 00,097,280 | ---- | C] () -- C:\WINNT\System32\ZIPDLL.DLL
[1997/05/12 02:10:00 | 00,089,088 | ---- | C] ( ) -- C:\WINNT\System32\UNZDLL.DLL

========== Files - Modified Within 30 Days ==========

[2009/09/24 21:37:30 | 00,514,560 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Ian\Desktop\OTL.exe
[2009/09/24 21:27:31 | 00,000,246 | -H-- | M] () -- C:\WINNT\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/09/24 21:26:00 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2009/09/24 21:25:36 | 00,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2009/09/24 21:25:19 | 00,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2009/09/23 20:00:00 | 00,000,198 | -H-- | M] () -- C:\WINNT\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/09/23 15:58:42 | 00,047,616 | ---- | M] () -- D:\Documents and Settings\Ian\Desktop\klj.exe
[2009/09/22 20:35:00 | 00,000,472 | ---- | M] () -- C:\WINNT\tasks\Ad-Aware Update (Weekly).job
[2009/09/15 22:32:37 | 00,000,406 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/15 21:31:10 | 00,000,227 | ---- | M] () -- C:\WINNT\system.ini
[2009/09/15 19:19:59 | 00,011,168 | -H-- | M] () -- C:\WINNT\System32\viweyune
[2009/09/15 18:45:58 | 00,037,888 | -HS- | M] () -- C:\WINNT\System32\vovugesi.dll
[2009/09/14 16:11:08 | 00,050,176 | -HS- | M] () -- C:\WINNT\System32\jazijase.dll
[2009/09/14 16:10:35 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\pupamawe.dll
[2009/09/13 19:08:37 | 00,038,400 | -HS- | M] () -- C:\WINNT\System32\zidoyowi.dll
[2009/09/12 16:35:41 | 00,001,210 | ---- | M] () -- D:\Documents and Settings\Ian\My Documents\safeboot.reg
[2009/09/12 12:14:49 | 00,000,370 | ---- | M] () -- C:\WINNT\ODBC.INI
[2009/09/12 12:14:19 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\pojezija.dll
[2009/09/12 12:14:16 | 00,025,088 | ---- | M] () -- C:\WINNT\System32\tftp.msc
[2009/09/11 23:34:07 | 00,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2009/09/11 17:41:40 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\merunime.dll
[2009/09/11 16:57:07 | 00,161,808 | ---- | M] () -- C:\WINNT\System32\counters
[2009/09/11 15:56:16 | 00,000,058 | ---- | M] () -- C:\WINNT\ppp4.dat
[2009/09/11 15:56:16 | 00,000,003 | ---- | M] () -- C:\WINNT\ppp3.dat
[2009/09/11 15:45:21 | 00,000,000 | ---- | M] () -- C:\WINNT\System32\drivers\e09b46c2.sys
[2009/09/11 15:29:39 | 00,001,382 | ---- | M] () -- C:\WINNT\System32\onhelp.htm
[2009/09/11 06:40:14 | 00,000,004 | ---- | M] () -- C:\WINNT\System32\bincd32.dat
[2009/09/11 00:08:34 | 00,227,840 | ---- | M] (Legal Corporation) -- C:\WINNT\System32\_scui.cpl
[2009/09/10 19:58:53 | 00,001,537 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/09/10 19:58:29 | 00,000,632 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/09/10 19:49:40 | 00,000,009 | ---- | M] () -- C:\WINNT\System32\bennuar.old
[2009/09/10 19:28:41 | 00,000,000 | ---- | M] () -- C:\WINNT\System32\41.exe
[2009/09/10 19:28:34 | 00,019,078 | ---- | M] () -- C:\WINNT\System32\zoha.db
[2009/09/10 19:28:34 | 00,017,023 | ---- | M] () -- C:\WINNT\qawexewe.bin
[2009/09/10 19:28:34 | 00,016,652 | ---- | M] () -- C:\WINNT\mycolawaky.lib
[2009/09/10 19:28:33 | 00,016,903 | ---- | M] () -- C:\WINNT\igysawyxev.exe
[2009/09/10 19:28:33 | 00,016,283 | ---- | M] () -- C:\WINNT\cimo._sy
[2009/09/10 19:28:33 | 00,015,933 | ---- | M] () -- C:\WINNT\System32\yzunipega.com
[2009/09/10 19:28:33 | 00,015,639 | ---- | M] () -- C:\WINNT\System32\buzulozoja.scr
[2009/09/10 19:28:33 | 00,012,959 | ---- | M] () -- C:\Program Files\Common Files\cugese.reg
[2009/09/10 19:28:33 | 00,012,081 | ---- | M] () -- C:\Program Files\Common Files\focavo.pif
[2009/09/10 19:28:33 | 00,011,594 | ---- | M] () -- C:\WINNT\ewicuqysyl.lib
[2009/09/10 19:28:33 | 00,010,931 | ---- | M] () -- C:\WINNT\System32\miwyca.exe
[2009/09/10 19:28:33 | 00,010,330 | ---- | M] () -- C:\WINNT\kexebipy.pif
[2009/09/10 19:20:29 | 00,047,104 | ---- | M] () -- C:\WINNT\System32\~.exe
[2009/09/10 18:45:37 | 00,000,382 | ---- | M] () -- C:\Program Files\Shortcut to Program Files.lnk
[2009/09/10 18:31:24 | 00,000,036 | ---- | M] () -- C:\WINNT\System32\sysnet.dat
[2009/09/10 18:31:23 | 00,000,032 | ---- | M] () -- C:\WINNT\System32\sonhelp.htm
[2009/09/10 18:28:58 | 00,186,097 | ---- | M] () -- C:\WINNT\System32\nvapps.xml
[2009/09/10 17:36:43 | 00,014,928 | ---- | M] () -- C:\WINNT\System32\oxyl.exe
[2009/09/10 17:36:43 | 00,013,908 | ---- | M] () -- C:\Program Files\Common Files\alyreqexad.exe
[2009/09/10 17:36:43 | 00,011,243 | ---- | M] () -- C:\Program Files\Common Files\yfivosuly._dl
[2009/09/10 17:36:43 | 00,011,212 | ---- | M] () -- C:\WINNT\amigeh.bat
[2009/09/10 17:36:42 | 00,019,497 | ---- | M] () -- C:\WINNT\gida.dat
[2009/09/10 17:36:41 | 00,015,985 | ---- | M] () -- C:\WINNT\zerazob.pif
[2009/09/10 17:36:41 | 00,014,416 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\ozudetel.dll
[2009/09/10 17:36:41 | 00,011,389 | ---- | M] () -- C:\WINNT\adygysyp.vbs
[2009/09/10 15:52:33 | 00,050,176 | -HS- | M] () -- C:\WINNT\System32\lawalasi.dll
[2009/09/10 15:52:04 | 00,053,248 | -HS- | M] () -- C:\WINNT\System32\lekegafu.exe
[2009/09/10 15:52:04 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\risowupa.dll
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/09/09 21:21:31 | 00,044,970 | -HS- | M] () -- C:\WINNT\System32\wowafuha.exe
[2009/09/09 21:21:30 | 00,037,888 | -HS- | M] () -- C:\WINNT\System32\gijotoda.dll
[2009/09/09 21:15:00 | 00,000,046 | ---- | M] () -- C:\p2hhr.bat
[2009/09/09 21:12:38 | 00,025,088 | ---- | M] () -- C:\WINNT\System32\tapi.nfo
[2009/09/09 21:12:35 | 00,049,664 | ---- | M] () -- C:\scmhux.exe
[2009/09/09 21:12:35 | 00,017,920 | ---- | M] () -- C:\fjmpqp.exe
[2009/09/09 21:12:28 | 00,022,016 | ---- | M] () -- C:\udtcnn.exe
[2009/09/09 21:12:27 | 00,009,728 | ---- | M] () -- C:\kqbvc.exe
[2009/09/09 21:01:59 | 00,070,656 | ---- | M] () -- C:\WINNT\System32\drivers\vsipfvornmxxxiqd.sys
[2009/09/09 03:02:01 | 00,001,355 | ---- | M] () -- C:\WINNT\imsins.BAK
[2009/09/05 21:04:47 | 00,072,704 | ---- | M] () -- D:\Documents and Settings\Ian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/02 18:40:29 | 00,000,000 | -H-- | M] () -- C:\WINNT\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/08/30 16:43:37 | 00,002,249 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks 2009 SP3.0.lnk
[2009/08/30 09:25:03 | 00,239,144 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2009/08/30 01:11:02 | 00,001,976 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\DWGeditor.lnk
[2009/08/30 01:07:52 | 00,000,000 | ---- | M] () -- C:\WINNT\eDrawingOfficeAutomator.INI
[2009/08/30 01:06:08 | 00,001,730 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2009.lnk
[2009/08/30 00:46:07 | 00,000,023 | -H-- | M] () -- C:\WINNT\yacht.xws
[2009/08/30 00:04:08 | 00,001,647 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
[2009/08/30 00:03:46 | 00,547,118 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2009/08/30 00:03:46 | 00,465,072 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2009/08/30 00:03:46 | 00,078,958 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2009/08/26 21:43:54 | 04,843,168 | -H-- | M] () -- D:\Documents and Settings\Ian\Local Settings\Application Data\IconCache.db
[2009/08/26 02:24:45 | 00,008,547 | ---- | M] () -- C:\WINNT\System32\wispex.html

========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\shellext.dll:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\ntlog.dll:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\nsldapssl32v30.dll:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\cbkhdlr.exe:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Program Files\Timbuktu Pro\tb2logon.exe:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Program Files\Timbuktu Pro\Hook32.dll:AFP_AfpInfo
@Alternate Data Stream - 155 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 149 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >

#9 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:24 AM

Posted 25 September 2009 - 06:47 PM

Save the OT scan

Now that you were successful in creating a log you need to post it in our HJT forum:
Just post the RR log and let them know you also have an OTL log if needed
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/
Give a brief description and tell them that the Root Repeal and OT logs were all you could get to run successfully
The HJT team is extremely busy, so be patient and good luck
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users